Please use this identifier to cite or link to this item: https://hdl.handle.net/20.500.14279/31088
DC FieldValueLanguage
dc.contributor.authorSolomos, Konstantinos-
dc.contributor.authorIlia, Panagiotis-
dc.contributor.authorNikiforakis, Nick-
dc.contributor.authorPolakis, Jason-
dc.date.accessioned2024-02-05T12:26:01Z-
dc.date.available2024-02-05T12:26:01Z-
dc.date.issued2022-11-07-
dc.identifier.citation28th ACM SIGSAC Conference on Computer and Communications Security, CCS 2022, Los Angeles, 7 - 11 November 2022en_US
dc.identifier.isbn9781450394505-
dc.identifier.issn15437221-
dc.identifier.urihttps://hdl.handle.net/20.500.14279/31088-
dc.description.abstractBrowser fingerprinting continues to proliferate across the web. Critically, popular fingerprinting libraries have started incorporating extension-fingerprinting capabilities, thus exacerbating the privacy loss they can induce. In this paper we propose continuous fingerprinting, a novel extension fingerprinting technique that captures a critical dimension of extensions' functionality that allowed them to elude all prior behavior-based techniques. Specifically, we find that ephemeral modifications are prevalent in the extension ecosystem, effectively rendering such extensions invisible to prior approaches that are confined to analyzing snapshots that capture a single moment in time. Accordingly, we develop Chronos, a system that captures the modifications that occur throughout an extension's life cycle, enabling it to fingerprint extensions that make transient modifications that leave no visible traces at the end of execution. Specifically, our system creates behavioral signatures that capture nodes being added to or removed from the DOM, as well as changes being made to node attributes. Our extensive experimental evaluation highlights the inherent limits of prior snapshot-based approaches, as Chronos is able to identify 11,219 unique extensions, increasing coverage by 66.9% over the state of the art. Additionally, we find that our system captures a unique modification event (i.e., mutation) for 94% of the extensions, while also being able to resolve 97% of the signature collisions across extensions that affect existing snapshot-based approaches. Our study more accurately captures the extent of the privacy threat presented by extension fingerprinting, which warrants more attention by privacy-oriented browser vendors that, up to this point, have focused on deploying countermeasures against other browser fingerprinting vectors.en_US
dc.language.isoenen_US
dc.rights© ACMen_US
dc.rightsAttribution-NonCommercial-NoDerivatives 4.0 International*
dc.rights.urihttp://creativecommons.org/licenses/by-nc-nd/4.0/*
dc.subjectbrowser fingerprintingen_US
dc.subjectextension fingerprintingen_US
dc.subjectonline trackingen_US
dc.titleEscaping the Confines of Time: Continuous Browser Extension Fingerprinting Through Ephemeral Modificationsen_US
dc.typeConference Papersen_US
dc.collaborationUniversity of Illinois at Chicagoen_US
dc.collaborationStony Brook Universityen_US
dc.subject.categoryElectrical Engineering - Electronic Engineering - Information Engineeringen_US
dc.countryUnited Statesen_US
dc.subject.fieldEngineering and Technologyen_US
dc.relation.conferenceProceedings of the ACM Conference on Computer and Communications Securityen_US
dc.identifier.doi10.1145/3548606.3560576en_US
dc.identifier.scopus2-s2.0-85143060229-
dc.identifier.urlhttps://api.elsevier.com/content/abstract/scopus_id/85143060229-
cut.common.academicyear2022-2023en_US
item.openairecristypehttp://purl.org/coar/resource_type/c_c94f-
item.openairetypeconferenceObject-
item.cerifentitytypePublications-
item.grantfulltextnone-
item.languageiso639-1en-
item.fulltextNo Fulltext-
crisitem.author.deptDepartment of Electrical Engineering, Computer Engineering and Informatics-
crisitem.author.facultyFaculty of Engineering and Technology-
crisitem.author.orcid0000-0002-8609-1008-
crisitem.author.parentorgFaculty of Engineering and Technology-
Appears in Collections:Δημοσιεύσεις σε συνέδρια /Conference papers or poster or presentation
CORE Recommender
Show simple item record

SCOPUSTM   
Citations

4
checked on Mar 14, 2024

Page view(s)

101
Last Week
1
Last month
9
checked on Nov 24, 2024

Google ScholarTM

Check

Altmetric


This item is licensed under a Creative Commons License Creative Commons